Each entity that needs to encrypt messages is assigned a key pair: one public key and one private key. As noted above, when using asymmetric cryptography, a message can be encrypted with either key, and once encrypted, it can only be decrypted by the OTHER key, not the original key that was used to encrypt it.

Which of the two keys you choose to encrypt a message with is determined by what you're trying to achieve with the encryption.

For example, encrypting the message with the private key known only to you means that it can be decrypted by anyone with the public key (translation: anyone). This doesn't do much to maintain message confidentiality, but it does provide strong proof that the message is from you, since the message couldn't be decrypted with your public key if it wasn't from you.

On the other hand, if you have someone's public key, you can encrypt a message to him or her with his or her public key, so that only that person can decrypt it (with their private key). This means that once the message has been encrypted, it will remain confidential except to its intended recipient. However, since anyone with the public key can encrypt the message, this use of asymmetric cryptography doesn't provide proof of the sender's identity.

More will be said about this later
in the chapter, when we discuss applications of public key cryptography.

In addition to its use in public/private key systems, asymmetric cryptography is also used for the exchange of secret symmetric keys used for encrypting files, so that the symmetric key information can be communicated securely between authorized parties. This gets around one of the problems with symmetric key systems: how to securely exchange key information. One asymmetric algorithm used for the secure exchange of a secret key is the Diffie-Hellman Key Agreement protocol. Why not send the entire file encrypted with asymmetric cryptography? One answer is that symmetric algorithms take less (often much less) CPU time/power to encrypt and decrypt.

Because of the use of different keys
to encrypt and decrypt, asymmetric cryptography has interesting uses
in applications such as digital signatures, which will be discussed
later.

Asymmetric Offers

To be able to prove that a message came from a certain sender and was not modified before receipt, the sender encrypts the message with their private key, and you decrypt it with the sender's public key.

Asymmetric cryptography can be used to encrypt a secret key that will be used to encrypt and decrypt a file being transferred across the Internet.
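The two uses summarized above (private key to prove origin and integrity, public key to protect a secret symmetric key) can be seen in a toy textbook-RSA sketch. This is an added example, not part of the original guide; the fixed small primes, the absence of padding, and the names `apply_key`, `prove_origin` and `wrap_secret_key` are assumptions chosen for illustration.

```python
# Added illustration: textbook RSA with fixed toy primes and no padding.
# It shows the key relationship only and is not a usable cryptosystem.
import secrets

P, Q = 2**61 - 1, 2**89 - 1          # two known Mersenne primes (toy sizes)
N = P * Q                            # modulus shared by both keys
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)

PUBLIC_KEY = (E, N)                  # published to everyone
PRIVATE_KEY = (D, N)                 # known only to the key owner

def apply_key(value: int, key: tuple) -> int:
    """Transform an integer smaller than N with one key of the pair."""
    exponent, modulus = key
    if not 0 <= value < modulus:
        raise ValueError("value must be smaller than the modulus")
    return pow(value, exponent, modulus)

def to_int(data: bytes) -> int:
    return int.from_bytes(data, "big")

def prove_origin(message: bytes) -> dict:
    """Private key transforms, public key recovers: origin and integrity."""
    m = to_int(message)
    sealed = apply_key(m, PRIVATE_KEY)
    return {
        "public_recovers": apply_key(sealed, PUBLIC_KEY) == m,
        "same_key_recovers": apply_key(sealed, PRIVATE_KEY) == m,
        "tampered_recovers": apply_key((sealed + 1) % N, PUBLIC_KEY) == m,
    }

def wrap_secret_key(secret_key: bytes) -> dict:
    """Public key encrypts a symmetric key, only the private key unwraps it."""
    wrapped = apply_key(to_int(secret_key), PUBLIC_KEY)
    unwrapped = apply_key(wrapped, PRIVATE_KEY).to_bytes(len(secret_key), "big")
    return {
        "private_unwraps": unwrapped == secret_key,
        "public_unwraps": apply_key(wrapped, PUBLIC_KEY) == to_int(secret_key),
    }

if __name__ == "__main__":
    print(prove_origin(b"pay Bob $10"))              # constructed sample message
    print(wrap_secret_key(secrets.token_bytes(16)))  # random 128-bit file key
```

In both directions only the other key of the pair recovers the input, and a sealed value altered in transit no longer recovers the original message.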

Figure 40: The beauty of Asymmetric encryption is the public key does not compromise the private key.
